FIDO Alliance Seeks to Increase Passkeys Adoption With Draft Secure Credential Exchange Specifications

[Pelican Press 0]

This is the hidden content, please

• Sign In
• or
• Sign Up

FIDO Alliance Seeks to Increase Passkeys Adoption With Draft Secure Credential Exchange Specifications

Passkeys — the modern, phishing-resistant secure alternative to passwords — could soon become easier to use across various platforms. According to new draft specifications published by the FIDO (Fast Identity Online) Alliance, companies like

This is the hidden content, please

• Sign In
• or
• Sign Up

, Apple and

This is the hidden content, please

• Sign In
• or
• Sign Up

as well as password management apps like Dashlane, 1Password, and Bitwarden could allow users to export and import passkeys and passwords securely, allowing them to migrate their credentials to another service (for example, when switching from Android to iOS) instead of creating new ones.

FIDO Alliance Publishes Draft Secure Credential Exchange Specifications

The FIDO Alliance

This is the hidden content, please

• Sign In
• or
• Sign Up

two draft specifications on Monday — Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) — stating that they were designed to promote choice, while enhancing the user experience while utilising passkeys.

The new CXP and CXF draft specifications were designed to streamline the process of transferring credentials such as passwords, passkeys, and other information in a secure manner. Currently, most password managers export credentials in plaintext, usually in the form of a comma separated value (CSV) text file, which is extremely risky.

While the draft secure credentials exchange specifications will improve the security of passwords when they are being exported, they will provide the first secure method of migrating passkeys across services.

For example, a Bitwarden user might be able to export passkeys stored with the service and then import them into their

This is the hidden content, please

• Sign In
• or
• Sign Up

or Apple account. The process would ensure that users would not need to generate multiple passkeys for each service, while making it easy for users to switch platforms.

It’s worth noting that it could be a while before secure password and passkey migration could make its way to users. These draft specifications will need to be agreed upon, standardised, and implemented by credential providers, in order for the new functionality to be available. The FIDO Alliance also says that it is accepting community review

This is the hidden content, please

• Sign In
• or
• Sign Up

 — developers and enthusiasts can provide feedback on the draft specifications.

This is the hidden content, please

• Sign In
• or
• Sign Up

#FIDO #Alliance #Seeks #Increase #Passkeys #Adoption #Draft #Secure #Credential #Exchange #Specifications

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up